package com.zwh.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.HttpSession;

@Controller

public class UserController {
	@RequestMapping("loginUser")
	public String login(String username, String password, HttpSession session,String code){
		//获取主体
		Subject subject = SecurityUtils.getSubject();
		//获取token
		UsernamePasswordToken token = new UsernamePasswordToken(username, password);
		//验证
		String vcode =(String) session.getAttribute("code");
		if(vcode.equalsIgnoreCase(code)){
			try {
				subject.login(token);
				System.out.println("登陆成功");
				System.out.println("远程库上的修改");
				return "main";
			} catch (AuthenticationException e) {
				e.printStackTrace();
				session.setAttribute("error_msg", "用户名或密码错误！");
				System.out.println("登陆失败");
				return "login";
			}
		}else{
			session.setAttribute("error_msg", "验证码错误！");
			return "redirect:/login.jsp";
		}

	}
	@RequestMapping("loginOut")
	public String loginout(){
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		return "redirect:/login.jsp";
	}
}
